package com.source.lightfowl.filter;


import com.source.lightfowl.person.entity.Url;
import com.source.lightfowl.person.entity.UsersExtends;
import org.springframework.stereotype.Component;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.List;

//@Component
//@WebFilter(urlPatterns = "/*")
public class AuthorityFilter implements Filter {

    @Override
    public void init(FilterConfig filterConfig) {
        System.out.println("权限过滤器初始化了");
    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) servletRequest;
        HttpServletResponse res = (HttpServletResponse) servletResponse;
        String uri = req.getRequestURI();
        //---------后台资源控制---------
        if(uri.contains("/admin/html")||uri.contains("/admin")){
            // System.out.println("后台资源的URI-------"+uri);
            if(uri.equals("/index.html")||uri.equals("/manage/authority/login")) {
                System.out.println(uri);
                filterChain.doFilter(servletRequest, servletResponse);
            }else {
                HttpSession session = req.getSession();
                Object obj = session.getAttribute("user");
                if (obj != null) {
                    if (uri.equals("/admin/html/password.html")) {
                        filterChain.doFilter(servletRequest, servletResponse);
                    }
                    List<Url> listUrl = (List<Url>) session.getAttribute("allUrls");
                    boolean isExists = false;
                    for (Url url : listUrl) {
                        if (url.getUrlname().equals(uri)) {
                            isExists = true;
                        }
                    }
                    //如果该url需要进行权限控制
                    if (isExists) {

                        UsersExtends users = (UsersExtends) obj;
                        boolean isRight = false;
                        for (Url url : users.getUrls()) {
                            if (url.getUrlname().equals(uri)) {
                                isRight = true;
                            }
                        }
                        //登录用户对该uri具有访问权限
                        if (isRight) {
                            filterChain.doFilter(servletRequest, servletResponse);
                        } else {
                            res.sendRedirect("error.html");
                        }
                    } else {
                        filterChain.doFilter(servletRequest, servletResponse);
                    }
                }else{
                    res.sendRedirect("http://localhost:9091/index.html");
                }
            }
        }else{
            //-------前端资源放行-------
            filterChain.doFilter(servletRequest,servletResponse);
        }
    }

    @Override
    public void destroy() {
        System.out.println("权限过滤器销毁了");
    }
}
